"The technique that the Jailbreakme.com Web site is using to bypass the iPhone's security mechanisms and enable users to run unapproved apps on their phones involves exploiting two separate vulnerabilities. One of the vulnerabilities is a memory-corruption flaw that affects the way that Apple's mobile devices, including the iPad and iPod Touch, display PDFs. The second weakness is a problem in the Apple iOS kernel that gives an attacker higher privileges once his code is on a targeted device, enabling him to break out of the iOS sandbox. The combination of the two vulnerabilities — both of which are unpatched at the moment — gives an attacker the ability to run remote code on the device and evade the security protections on the iPhone, iPad or iPod Touch. The technique became public earlier this week when the Jailbreakme.com site began hosting a set of specially crafted PDF files designed to help users jailbreak their Apple devices and load apps other than the ones approved by Apple and offered in its official App Store."

"Mozilla's Chris Blizzard talks about the rising competition by Google Chrome, the evolution of the web platform and the prospects for WebM. He also promises that Firefox 4 will be 'one generation ahead' of other browsers in relation to Javascript speed."

"BBC News has shown how straightforward it is to create a malicious application for a smartphone. Over a few weeks, the BBC put together a crude game for a smartphone that also spied on the owner of the handset. The application was built using standard parts from the software toolkits that developers use to create programs for handsets. This makes malicious applications hard to spot, say experts, because useful programs will use the same functions."

"In 1978, the CalTech mathematician Robert McEliece developed a cryptosystem based on the (then) new idea of using asymmetric mathematical functions to create different keys for encrypting and decrypting information. The security of these systems relies on mathematical steps that are easy to make in one direction but hard to do in the other. Today, popular encryption systems such as the RSA algorithm use exactly this idea. But in 1994, the mathematician Peter Shor dreamt up a quantum algorithm that could factorise much faster than any classical counterpart and so can break these codes. As soon as the first decent-sized quantum computer is switched on, these codes will become breakable. Since then, cryptographers have been hunting for encryption systems that will be safe in the post quantum world. Now a group of mathematicians have shown that the McEliece encryption system is safe against attack by Shor's algorithm and all other known quantum algorithms. That's because it does not depend on factorisation but gets its security from another asymmetric conundrum known as the hidden subgroup problem which they show is immune to all known quantum attacks."

Several readers have noted that Intel has agreed to buy McAfee, the computer antivirus software maker, for about $7.7 billion in cash. There is also a press release available if you are into that sort of thing.

"Numerous scientific studies have demonstrated that electronic voting machines can be reprogrammed to steal votes, so when researchers Alex Halderman and Ari Feldman got their hands on a machine called the Sequoia AVC Edge, they decided to do something different: they reprogrammed it to run Pac-Man. As states move away from insecure electronic voting, there's a risk that discarded machines will clog our landfills. Fortunately, these results show that voting machines can be recycled to provide countless hours of entertainment."

"CNET UK is reporting that it crashed a £90,000 Jaguar XJ Super Sport — one of the most technologically advanced cars on the planet today. It's not the sort of crash you'd imagine, however — An unforseen glitch somewhere within the car's dozens of separate onboard computers, hundreds of millions of lines of code, or its internal vehicular network, led to the dramatic BSOD, which had to be resolved with the use of a web-connected laptop."

"Toshiba on Tuesday introduced a new hard drive feature that can wipe out data after the storage devices are powered down. The Wipe feature in Toshiba's SED (Self-Encrypting Drives) will allow for deletion of secure data prior to disposing or re-purposing hard drives, Toshiba said. The technology invalidates a hard-drive security key when a system's power supply is turned off. The new Wipe capability will go into future versions of the SED drives, for which no timeframe was given. Beyond use in PCs, Toshiba wants to put this feature on storage devices in copiers and printers."